I have this program I\'m trying to reverse engineer. I don\'t know whether or not it was the compiler\'s optimizer or obfuscation, but now some parts of the code that call other functions are calculat
When I load up an executable in IDA pro and OllyDbg, the addresses of the same inst开发者_运维百科ructions start up at different locations. This could be because they are different base addresses. I w
I\'ve just created a new vc++ exe with this simple code: #include<stdio.h> #include<string.h>
I\'ve been trying to reverse engineer a function of a game but I\'m kinda confused. I\'m pretty new to reverse engineering (I\'m using ollydbg btw) so I don\'t really know about all the tricks and det
I have an executable that I am trying to patch. The e开发者_JAVA技巧xecutable is storing strings using XOR encryption. I used XORSearch to find the string im looking for. It returned:
In OllyDbg the registers window, among other things,lists the standard cpu-registers: EAX ECX EDX EBX Is there a particular reas开发者_StackOverflow社区on why EBX is displayed last?This is probably
My simple understanding 开发者_如何转开发is OllyDbg is a user mode debugger, which you could use to debug \"normal\" apps. WinDbg is a kernel mode debugger, which you could use to debug itself.
开发者_如何学Go What does Z 1DS 0023 32bit 0(FFFFFFFF) mean?The Z 1 part means the zero flag is set.
I want to break on开发者_开发问答 where Executable Module X is called, but I\'ve no idea which function is actually called.
Is there a option I can choose how to launch the DLL(like when debug开发者_高级运维ging a dll project in visual studio)?
加载中,请稍侯......